﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web.Mvc;
using System.Web;
using YeaTrip.Common;

namespace YeaTrip.Framework.Filter
{
    /// <summary>
    /// 权限验证
    /// </summary>
    public class AuthorizationAttribute : ActionFilterAttribute, IAuthorizationFilter
    {
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            bool isAsync = false;   //是否异步请求，默认为否
            if (filterContext.RequestContext.HttpContext.Request.Headers["X-Requested-With"] != null &&
                filterContext.RequestContext.HttpContext.Request.Headers["X-Requested-With"].Equals("XMLHttpRequest"))
            {
                isAsync = true;
            }

            HttpContextBase httpContextBase = filterContext.RequestContext.HttpContext;
            //先判断是否登录，若未登录，则跳转到登录页面
            if (httpContextBase.Session["CustID"] == null)
            {
                if (isAsync)
                {
                    filterContext.HttpContext.Response.StatusCode = Convert.ToInt16(500);
                    filterContext.HttpContext.Response.Write("未登录");
                }
                else
                {
                    filterContext.HttpContext.Response.Redirect("~/");
                    //ViewResult view = new ViewResult()
                    //{
                    //    ViewName = "~/Views/UserManage/Login.aspx",
                    //};

                    //filterContext.Result = view;
                }
                return;
            }
            //若已登录，需要判断是否有权限访问所请求的菜单，若无权限，则跳转至错误提示页面
        }

    }
}
